I've just read this alert on a newsgroup:
The Washington Post alerts Windows users about a new P2P Backdoor Client that is installed maliciously on broadband-connected computers around Asia and the United States. The client is then used for distributed DOS attacks and sending out large amounts of spam. Phatbot, according to government sources, is installed on hundreds of thousands machines already. Phatbot snoops for passwords on infected computers and tries to disable firewall and antivirus software, albeit it is detectable by antivirus packages."
Here there's also a link to the Phatbot Trojan Analysis.
I've read carefully this analysis and the new feature of this Troyan is the use of P2P to control the Bot instead of IRC. It uses an encrypted P2P protocol designed for private messaging and file transfer between a small number of trusted parties and it uses Gnutella network (Phatbot code registers itself with a list of URLs pretending to be a version of GNUT, a Gnutella client). The Phatbots differentiate themselves from the Gnutella clients by using TCP port 4387 instead of the standard Gnutella port.
The use of P2P is a new way for Troyan diffusion?
Interesting new download... Microsoft Office XP Web Services Toolkit 2.0.
This toolkit allows you to quickly access and use Web Services from VBA. It brings the power of XML Web services to Office XP by enabling developers to use the Universal Description, Discovery, and Integration (UDDI) Business Registry or the URL to a Web Services Description Language (WSDL) file to reference XML Web services. It supports SOAP 3.0 and complex data types.
Check it...
What do you think about Windows Update Service project?
Windows Update Services (WUS) is the new name for the next version of the update management solution currently known as Software Update Services (SUS). It is a major step forward in Microsoft's patch and update management strategy, providing customers with additional automation and control that reduces interruption when updating systems... Windows Update Services will support updating Windows®, Office, SQL Server™, and other Microsoft products and will provide significantly expanded capabilities over SUS.
Will be really performant?